Overview
All call recordings on Exotel’s connectors in CRMs are authenticated i.e, users would not be able to access these recordings directly by default. One of the following mechanisms would have to be adopted by your organization to access these recordings on the connectors directly -
Method 1 - IP Whitelisting (Recommended)
This security mechanism will be applicable to use cases where the access to call recordings is limited within a secure network - either on office premises or through company controlled VPN.
Customers will have to register their IP addresses on Exotel’s end (via [email protected]). Only these IPs will be allowed to access the new recording URLs without any need of authentication. From all other IP addresses, we will prompt for authentication.
Max No. of IPs/CIDR blocks allowed to whitelist: 20
Any exception beyond this limit needs to be raised as a request to [email protected] or reach out to your account manager.
Method 2 - Keep the users’ ExoLite Session Active.
Keeping the ExoLite session active and accessing the recordings in the connectors would allow you to play them without any further authentication. If you don’t have users on ExoLite created for all your agents on the connector, you can do so by following these steps.
Method 3 - Enter User Name and Password (Default)
When users try to access the recordings from the connectors, a popup will be shown asking them to enter the username and password. This is nothing but the API Key and token that is available on the ExoLite dashboard.
Admins of the account to create a new token by clicking on the API Credentials > Create API Key button. A popup to select the permissions will show up where they can unselect all the options except “GET availablephonenumbers/*”. They can click on create and share the newly created API Key and Token with the agents who usually access recordings.